| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Nov 2017 10:10:04 +0900 (KST)
From: David Miller <davem@...emloft.net>
To: ilyal@...lanox.com
Cc: netdev@...r.kernel.org, davejwatson@...com, tom@...bertland.com,
hannes@...essinduktion.org, aviadye@...lanox.com,
liranl@...lanox.com
Subject: Re: [PATCH v2 net-next 00/12] tls: Add generic NIC offload
infrastructure
From: Ilya Lesokhin <ilyal@...lanox.com>
Date: Wed, 8 Nov 2017 15:38:25 +0200
> Changes from v1:
> - Remove the binding of the socket to a specific netdev
> through sk->sk_bound_dev_if.
> Add a check in validate_xmit_skb to detect route changes
> and call SW fallback code to do the crypto in software.
> - tls_get_record now returns the tls record sequence number.
> This is required to support connections with rcd_sn != iv.
> - Bug fixes to the TLS code.
>
> This patchset adds a generic infrastructure to offload TLS crypto to a
> network devices.
>
> Patches 1-6 refactor and fix various issues in the TLS code
> Patches 7-8 Export functions that we need
> patch 9 adds infrastructue for offloaded socket fallback
> patches 10-11 add new NDOs and capabilities.
> patch 12 adds the TLS NIC offload infrastructure.
>
> Github with mlx5e TLS offload support:
> https://github.com/Mellanox/tls-offload/tree/tls_device_v2
>
> Paper: https://www.netdevconf.org/1.2/papers/netdevconf-TLS.pdf
This doesn't apply cleanly to net-next, and the net-next tree is now
closed so please resubmit this after the merge window.
Thank you.
Powered by blists - more mailing lists